<?php
class LoginAction extends Action{



		function index(){
			$this->display();
		}
		
		function checkLogin(){
			if(empty($_POST['username'])) {
				$this->error('帐号不正确！');
			}elseif (empty($_POST['password'])){
				$this->error('密码不正确！');
			}elseif (empty($_POST['verify'])){
				$this->error('验证码不正确！');
			}
			//生成认证条件
			$map            =   array();
			// 支持使用绑定帐号登录
			$map['username']	= $_POST['username'];
			//$map["status"]	=	array('gt',0);
			if(session('verify') != md5($_POST['verify'])) {
				$this->error('验证码错误！');
			}
			import ( 'ORG.Util.RBAC' );
			$authInfo = RBAC::authenticate($map);
			if($authInfo['status']!=='1'){
				$this->error('您的帐号已被禁用！');
			}

			//使用用户名、密码和状态的方式进行认证
			if(false === $authInfo || null===$authInfo) {
				$this->error('帐号不存在或已禁用！');
			}else {
				if($authInfo['password'] != md5($_POST['password'].$authInfo['x'])) {
					$this->error('您的帐号或密码不正确！');
				}
				$_SESSION[C('USER_AUTH_KEY')]	=	$authInfo['id'];
				$_SESSION['username']=$authInfo['username'];
				if($authInfo['username']=='melody') {
					$_SESSION['administrator']		=	true;
				}
				//保存登录信息
				$User	=	M('Admin');
				$ip		=	get_client_ip();
				$time	=	time();
				$data = array();
				$data['id']	=	$authInfo['id'];
				$data['time']	=	$time;
				//$data['login_count']	=	array('exp','login_count+1');
				$data['login_ip']	=	$ip;
				$User->save($data);

				// 缓存访问权限
				RBAC::saveAccessList();
				$this->success('登录成功！',__GROUP__.'/index');

			}
	
		}
		
		function loginout(){
			if(isset($_SESSION[C('USER_AUTH_KEY')])) {
				unset($_SESSION[C('USER_AUTH_KEY')]);
				unset($_SESSION);
				session_destroy();
				$this->success('退出成功！',__GROUP__.'/Login');
			}else {
				$this->error('已经登出！');
			}
		}
		
		Public function Verify(){
			import('ORG.Util.Image');
			Image::buildImageVerify();
		}


}